This course is a graduate-level course on security topics
in networks and distributed systems. The discussion topics in this
course will be centered around the theme, "what if a computer lies?",
and the end-goal of this course is to teach students how to design
secure network protocols and large-scale systems in the face of
misbehaving nodes. Many of today's large scale systems and networks are
built around the basic assumption that nodes in the system do not lie -
but if they do, then many of these systems completely break down. For
example, today, a single misbehaving router can potentially bring down
much of the Internet and a fast-propagating worm can infect over 50% of
hosts in less than 10 sec. In this class, we will analyze why such
attacks happen and what can one do defend against them. The main topics
that will be covered in the class include:
- secure routing protocols
- security attacks on the Internet architecture
- reliable communication and byzantine agreement
- byzantine fault tolerant file systems and untrusted storage
- worms
- security in enterprise networks (firewalls, end-host based security) and financial systems security (Sarbanes Oxley)
- security issues in P2P networks
- sensor network security
- security in wireless environments
- cryptographic approaches to deal with security attacks
- intrusion detection
- trust and reputation systems
- electronic voting machines

Survey study on a security sub-topic
One unique aspect of this class is that students will be involved in a
survey study (individual or in a group depending on class size). The
end-goal of this class is to distill some of the basic principles
essential for building secure systems and how these principles arise
repeatedly in different forms of systems. As part of this process,
students in the class will be involved in doing a survey study within a
specific subtopic and need to produce a survey report of that subtopic.
These topics will be given early in the class and students will begin
the survey work early in the semester. Together, all the surveys will
be released as a lecture notes in this topic.

Grading

As part of the course workload for this project, there are three basic aspects:
- A course project (50%)
- A survey writeup on a topic (suggested by the instructor) (30%)
- Assignment (involving identifying security flaws in an existing system) (10%) [not necessarily programming oriented]
- Continuous participation in class as well as part of an online class blog (10%)

The survey writeups of the class, together, shall be released as
lecture notes for the class at the end of the term. The final course
project (in groups of 2-3) should be a research oriented project on
computer security that either
- identifies security flaws in existing system
- builds a secure version of a network protocol or a system

Potential project ideas will be discussed in class.

Prerequisites

A basic undergraduate level background on networks and operating
systems is essential for this class. You would need good programming
experience in C/C++/Java for this class. The course project is
programming based. If you have taken the course offered last semester
on "Networks and Distributed Systems", you are welcome to take this
class too since some of the material builds upon that material.
However, it is not essential to have the class last semester as long as
you have some prior exposure to networks and distributed systems.